DHS issues warning that Anonymous may attack infrastructure
Bulletin says hacker collective could soon be capable of heavily damaging industrial control systems
Computerworld - The U.S. government is keeping a wary eye on what it says is hacking collective Anonymous' growing interest in attacking critical infrastructure targets.
A DHS bulletin posted this week assesses the ability of the collective to inflict damage on industrial control systems that manage equipment at power plants, water treatment facilities, chemical plants and other potential targets.
The report downplays the near-term threat posed by Anonymous to such targets, but adds that experienced and skilled members of the group could "develop capabilities to gain access and trespass on control system networks very quickly."
The report says that Anonymous recently called on members to target energy companies. DHS said the call is likely to attract both members of the collective and the broader activist hacking community.
"Asset owners and operators of critical infrastructure control systems are encouraged to engage in addressing the security needs of their control system assets," the DHS said.
The bulletin was posted on Monday on publicintelligence.net, which describes itself as "an international, collaborative research project aimed at aggregating the collective work of independent researchers around the globe who wish to defend the public's right to access information."
The DHS National Cybersecurity and Communications Integration Center (NCCIC) bulletin is not classified, but is marked for official use only. It is addressed broadly to stakeholders within the cybersecurity and critical infrastructure communities.
In the report, the DHS cites several recent actions that point toward a growing interest by Anonymous in industrial control systems.
In July, it notes, Anonymous members released a report spelling out the collective's concerns about global warming and called for protests against the Alberta Tar Sands project in Montana.
The Anonymous report aimed to draw attention to what the group claimed was "boundless greed" of several energy and financial services companies.
In July, a known member of Anonymous also publicly claimed to have accessed multiple control systems.
"The posted xml and html code reveals that the individual understands the content of the code in relation to common hacking techniques to obtain elevated privileges," the DHS said. "It does not indicate knowledge of ICS; rather, it indicates that the individual has interest in the application software used in control systems."
The Anonymous post included administrative code used to create password dump files for a human-machine interface system from Siemens, and so-called "foundation code" that is used in server communication with programmable logic controllers, industrial controllers and remote terminal units, the DHS bulletin said.
The publicly posted code "indicates that the individual was able to recognize and post the portions of code that would ensure others knowledgeable in control systems would take notice," the DHS said.
The report notes that Anonymous has the ability to disrupt some systems within the critical infrastructure -- such as Windows systems and Web applications -- by using "rudimentary attack methods" such as denial of service attacks.
"Anonymous' increased interest may indicate intent to develop an offensive ICS capability in the future," it said.
The DHS assessment comes amid increasing concern about vulnerabilities in U.S. critical infrastructure. Last year's Stuxnet worm in particular drew massive attention to the possibility that cyberattacks could disrupt or take down critical infrastructure targets.
The DHS has in recent months issued several similar alerts about the activities of Anonymous, which indicates that the loosely affiliated collection of so-called hacktivists is seen as a serious threat.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed. His e-mail address is email@example.com.